2021-07-08 20:01:07 +00:00
{
"CVE_data_meta" : {
2021-11-23 21:01:01 +00:00
"ASSIGNER" : "secure@dell.com" ,
"DATE_PUBLIC" : "2021-10-11" ,
"ID" : "CVE-2021-36311" ,
2021-11-23 14:52:17 -05:00
"STATE" : "PUBLIC"
2021-11-23 21:01:01 +00:00
} ,
2021-11-23 14:52:17 -05:00
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
2021-11-23 21:01:01 +00:00
"product_name" : "NetWorker" ,
2021-11-23 14:52:17 -05:00
"version" : {
"version_data" : [
{
2021-11-23 21:01:01 +00:00
"version_affected" : "<" ,
2021-11-23 14:52:17 -05:00
"version_value" : "19.5"
}
]
}
}
]
2021-11-23 21:01:01 +00:00
} ,
2021-11-23 14:52:17 -05:00
"vendor_name" : "Dell"
}
]
}
2021-11-23 21:01:01 +00:00
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
2021-07-08 20:01:07 +00:00
"description" : {
"description_data" : [
{
2021-11-23 21:01:01 +00:00
"lang" : "eng" ,
2021-11-23 14:52:17 -05:00
"value" : "Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local malicious user with networker user privileges may exploit this vulnerability to upload malicious file to unauthorized locations and execute it."
}
]
2021-11-23 21:01:01 +00:00
} ,
2021-11-23 14:52:17 -05:00
"impact" : {
"cvss" : {
2021-11-23 21:01:01 +00:00
"baseScore" : 6.0 ,
"baseSeverity" : "Medium" ,
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N" ,
2021-11-23 14:52:17 -05:00
"version" : "3.1"
}
2021-11-23 21:01:01 +00:00
} ,
2021-11-23 14:52:17 -05:00
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
2021-11-23 21:01:01 +00:00
"lang" : "eng" ,
2021-11-23 14:52:17 -05:00
"value" : "CWE-285: Improper Authorization"
}
]
}
]
2021-11-23 21:01:01 +00:00
} ,
2021-11-23 14:52:17 -05:00
"references" : {
"reference_data" : [
{
2021-11-23 21:01:01 +00:00
"refsource" : "MISC" ,
"url" : "https://www.dell.com/support/kbdoc/000192419" ,
"name" : "https://www.dell.com/support/kbdoc/000192419"
2021-07-08 20:01:07 +00:00
}
]
}
}
